Bitdefender Total Security Local Code Execution Vulnerability



Bitdefender Total Security is prone to a local code-execution vulnerability.

A local attacker can leverage this issue to execute arbitrary code in the context of affected application. Failed attempts may lead to denial-of-service conditions.

Bitdefender Total Security 2017 is vulnerable; other versions may also be affected.

Information

Bugtraq ID: 101014
Class: Input Validation Error
CVE:
Remote: No
Local: Yes
Published: Sep 27 2017 12:00AM
Updated: Sep 27 2017 12:00AM
Credit: Sachin Wagh (@tiger_tigerboy)
Vulnerable: BitDefender Total Security 2017 0


Not Vulnerable:

Exploit


The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.


References:

Related Posts

Comments